Lucene search
Japan Vulnerability NotesJVN:79950061HistoryMar 09, 2012 - 12:00 a.m.
JVN#79950061: Jenkins vulnerable to cross-site scripting
2012-03-0900:00:00
Japan Vulnerability Notes
jvn.jp
13
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.3%
Jenkins is a continuous integration (CI) tool. Jenkins contains a cross-site scripting vulnerability.
Note that this vulnerability is different from JVN#14791558.
Impact
An arbitrary script may be executed on the user’s web browser.
Solution
Update the software
Update to the latest version according to the information provided by the developer.
Products Affected
- Jenkins versions 1.452 and earlier
- Jenkins Enterprise by CloudBees 1.424.3 and earlier
- Jenkins Enterprise by CloudBees 1.400.0.12 and earlier
Related
cve
cve
CVE-2012-0324
2012-03-09 11:55:01
CVE-2012-0325
2012-03-09 11:55:01
openvas
openvas
Jenkins Multiple Cross Site Scripting Vulnerabilities (Mar 2012) - Windows
2016-08-04 00:00:00
Jenkins Multiple Cross Site Scripting Vulnerabilities (Mar 2012) - Linux
2016-08-04 00:00:00
cvelist
cvelist
CVE-2012-0325
2012-03-09 11:00:00
CVE-2012-0324
2012-03-09 11:00:00
nvd
nvd
CVE-2012-0324
2012-03-09 11:55:01
CVE-2012-0325
2012-03-09 11:55:01
ubuntucve
ubuntucve
CVE-2012-0324
2012-03-09 00:00:00
CVE-2012-0325
2012-03-09 00:00:00
prion
prion
Cross site scripting
2012-03-09 11:55:00
Cross site scripting
2012-03-09 11:55:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.3%
Related for JVN:79950061